Conception approach of access control in heterogeneous information systems using UML

Abstract: The development of the information systems should answer more and more to the problems of federated data sources and the problems with the heterogeneous distributed information systems. The assurance of data access security realized in the cooperative information systems with loose connection among local data sources is hard to achieve mainly for two reasons: the local data sources are heterogeneous (i.e. data, models, access security models, semantics, etc.) and the local autonomy of systems does not allow to… Show more

“…Role-based access control approach [1] or its extensions [7,8] requires the identification of roles in a system. The role is properly viewed as a semantic structure around which the access control policy is formulated.…”

“…The constraints can be defined for each main element of the model presented above (i.e user, group, subject, session, role, function, permission, object and method), and also for the relationships among the elements. The concept of constraints was described widely in the literature [3,8,11,13]. It is possible to distinguish different types of constraints, static and dynamic, that can be attached to different model elements.…”

“…Two types of actors cooperate in the design and realization of security schema of an information system [8]: on the one hand it is application/system developer who knows its specification that should be realized and on the other hand it is security administrator who knows the general security rules and constraints that should be taken into consideration on the whole company level. We propose to partition the responsibilities between these two actors in the process of definition and implementation of security schema on access control level and to determine their cooperation in order to establish the global access control schema that fulfill the concepts of URBAC.…”

Role Approach in Access Control Development with the Usage Control Concept

“…Role-based access control approach [1] or its extensions [7,8] requires the identification of roles in a system. The role is properly viewed as a semantic structure around which the access control policy is formulated.…”

“…The constraints can be defined for each main element of the model presented above (i.e user, group, subject, session, role, function, permission, object and method), and also for the relationships among the elements. The concept of constraints was described widely in the literature [3,8,11,13]. It is possible to distinguish different types of constraints, static and dynamic, that can be attached to different model elements.…”

“…Two types of actors cooperate in the design and realization of security schema of an information system [8]: on the one hand it is application/system developer who knows its specification that should be realized and on the other hand it is security administrator who knows the general security rules and constraints that should be taken into consideration on the whole company level. We propose to partition the responsibilities between these two actors in the process of definition and implementation of security schema on access control level and to determine their cooperation in order to establish the global access control schema that fulfill the concepts of URBAC.…”

Role Approach in Access Control Development with the Usage Control Concept

“…The constraints can be defined for each main element of the model presented above (i.e user, group, subject, session, role, function, permission, object and method), and also for the relationships among the elements. The concept of constraints was described widely in the literature [5,6,13,14,16]. It is possible to distinguish different types of constraints, static and dynamic, that can be attached to different model elements.…”

UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept

Event Management Service System